CVE-2026-41379
Published: 28 April 2026
Summary
CVE-2026-41379 is a high-severity Incorrect Authorization (CWE-863) vulnerability in OpenClaw. Its CVSS base score is 7.1 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068); ranked at the 6.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- Enforces approved authorizations on endpoints like chat.send to prevent unauthorized access to, and modification of, admin-class voice configurations by operators.
- Applies least privilege to restrict operator.write users from escalating to admin-level actions on sensitive Talk Voice configuration persistence.
- Restricts configuration changes, such as Talk Voice settings, to authorized administrator roles only, blocking exploitation via the chat.send endpoint.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is an explicit privilege escalation via incorrect authorization on the chat.send endpoint, allowing low-privilege (operator.write) users to modify admin-only configuration; this directly matches T1068 Exploitation for Privilege Escalation.
NVD Description
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability allowing authenticated operators with write permissions to access admin-class Talk Voice configuration persistence. Attackers with operator.write privileges can exploit the chat.send endpoint to reach and modify sensitive voice configuration settings intended for administrators only.
Deeper analysis
CVE-2026-41379 is a privilege escalation vulnerability (CWE-863: Incorrect Authorization) in OpenClaw versions prior to 2026.3.28. It affects the application's handling of configuration persistence for admin-class Talk Voice settings, where the chat.send endpoint fails to properly enforce authorization boundaries. The vulnerability has a CVSS v3.1 base score of 7.1 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N), indicating high integrity impact with low privileges required.
Authenticated attackers possessing operator.write privileges can exploit this issue remotely over the network with low complexity and no user interaction. By sending crafted requests to the chat.send endpoint, they gain unauthorized access to modify sensitive Talk Voice configuration settings that are intended exclusively for administrators, effectively escalating their privileges to perform administrative actions on voice persistence data.
Mitigation is available via a patch in OpenClaw commit e34694733fc64931ed4a543c73d84ad3435d5df1, with users advised to upgrade to version 2026.3.28 or later. Official guidance appears in the GitHub security advisory GHSA-3q42-xmxv-9vfr and VulnCheck's analysis, emphasizing validation of operator privileges on the affected endpoint to prevent unauthorized configuration changes.
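The authorization pattern behind this CWE-863 finding, and the AC-3/AC-6 controls listed above, can be shown side by side. The following is an added example, not OpenClaw's code and not the actual fix in the referenced commit: it models a scope-gated chat.send handler that forwards an embedded configuration patch to a persistence layer. The request shape (a voiceConfig field on the chat payload), the scope names, and the type and function names are assumptions made for illustration. The vulnerable variant enforces only the endpoint's own scope (operator.write) and trusts that gate for everything reachable from it; the hardened variant also enforces the required scope at the resource (the config store), so a lower-privilege path cannot reach admin-class persistence regardless of which endpoint it entered through.

```typescript
// Constructed example, not OpenClaw's code: models the CWE-863 pattern where an
// endpoint gated for one scope can reach a persistence path that should require
// a higher scope. All type, field and function names below are assumptions.

type Scope = "operator.read" | "operator.write" | "operator.admin";

interface Session {
  principal: string;
  scopes: ReadonlySet<Scope>;
}

interface VoiceConfig {
  voice: string;
  enabled: boolean;
}

// Assumed request shape for chat.send: a message plus an optional
// config patch that the handler forwards to the persistence layer.
interface ChatSendRequest {
  message: string;
  voiceConfig?: Partial<VoiceConfig>;
}

interface SendResult {
  ok: boolean;
  error?: string;
}

class VoiceConfigStore {
  config: VoiceConfig = { voice: "default", enabled: false };

  // Vulnerable: trusts that the caller already authorized the change.
  persistUnchecked(patch: Partial<VoiceConfig>): void {
    this.config = { ...this.config, ...patch };
  }

  // Hardened: authorization enforced at the resource (AC-3), so every path
  // that reaches admin-class config needs operator.admin, not just the route
  // that happened to be gated.
  persist(session: Session, patch: Partial<VoiceConfig>): SendResult {
    if (!session.scopes.has("operator.admin")) {
      return { ok: false, error: "operator.admin required for Talk Voice config" };
    }
    this.config = { ...this.config, ...patch };
    return { ok: true };
  }
}

function requireScope(session: Session, scope: Scope): SendResult {
  return session.scopes.has(scope) ? { ok: true } : { ok: false, error: `${scope} required` };
}

// Vulnerable handler: the only check is the endpoint's own scope
// (operator.write); the embedded config patch is persisted unchecked.
function chatSendVulnerable(session: Session, req: ChatSendRequest, store: VoiceConfigStore): SendResult {
  const gate = requireScope(session, "operator.write");
  if (!gate.ok) return gate;
  if (req.voiceConfig) store.persistUnchecked(req.voiceConfig);
  return { ok: true };
}

// Hardened handler: endpoint gate plus resource-level check. A write-only
// operator can still send chat but cannot touch admin-class config, and a
// rejected patch fails the whole request rather than being silently dropped.
function chatSendHardened(session: Session, req: ChatSendRequest, store: VoiceConfigStore): SendResult {
  const gate = requireScope(session, "operator.write");
  if (!gate.ok) return gate;
  if (req.voiceConfig) {
    const persisted = store.persist(session, req.voiceConfig);
    if (!persisted.ok) return persisted;
  }
  return { ok: true };
}

// Demonstration with a constructed write-only operator session and a chat
// request that smuggles an admin-class config change.
function demo(): { vulnerableVoice: string; hardenedVoice: string; hardenedError?: string } {
  const writer: Session = { principal: "op-write", scopes: new Set<Scope>(["operator.read", "operator.write"]) };
  const attack: ChatSendRequest = { message: "hi", voiceConfig: { voice: "attacker-voice", enabled: true } };

  const s1 = new VoiceConfigStore();
  chatSendVulnerable(writer, attack, s1); // write-only operator changes admin config

  const s2 = new VoiceConfigStore();
  const r = chatSendHardened(writer, attack, s2); // rejected, config untouched
  return { vulnerableVoice: s1.config.voice, hardenedVoice: s2.config.voice, hardenedError: r.error };
}
```

The design point is where the check lives: a gate at the route boundary only protects the route, while a check at the resource protects every path to it, which is what AC-3 (enforce authorizations on access to the object) and AC-6 (grant each scope only what it needs) ask for.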
Details
- CWE(s)